- 论坛徽章:
- 0
|
本帖最后由 170fangjun 于 2015-10-22 15:48 编辑
- /* expected hook */
- MY_PAM_EXTERN int pam_sm_setcred( pam_handle_t *pamh, int flags, int argc, const char **argv )
- {
- DPRINT(LOG_DEBUG, "进入pam_sm_setcred() flags:%d argc :%d ",flags,argc);
- int nret = PAM_SUCCESS, *pret;
- pret = &nret;
- pam_get_data(pamh, "sample_setcred_return", (const void **)&pret);
- return *pret;
- //return PAM_AUTH_ERR;
- }
- MY_PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
- {
- DPRINT(LOG_DEBUG, "进入pam_sm_chauthtok() flags:%d argc :%d ",flags,argc);
- return PAM_SUCCESS;
- }
- MY_PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
- {
- DPRINT(LOG_DEBUG, "进入pam_sm_acct_mgmt() flags:%d argc :%d ",flags,argc);
- return PAM_SUCCESS;
- }
- MY_PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc,const char **argv)
- {
- DPRINT(LOG_DEBUG, "进入pam_sm_open_session() flags:%d argc :%d ",flags,argc);
- return PAM_SUCCESS;
- }
- MY_PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc,const char **argv)
- {
- DPRINT(LOG_DEBUG, "进入pam_sm_open_session() flags:%d argc :%d ",flags,argc);
- return PAM_SUCCESS;
- }
- /* expected hook, this is where custom stuff happens */
- MY_PAM_EXTERN int pam_sm_authenticate( pam_handle_t *pamh, int flags,int argc, const char **argv )
- {
- DPRINT(LOG_DEBUG, "进入pam_sm_authenticate() flags:%d argc :%d ",flags,argc);
- int retval;
- const char* pUsername = NULL;
- const char *pPassword = NULL;
- const char *prompt = NULL;
- retval = pam_get_user(pamh, &pUsername, "sec管控帐号: ");
- DPRINT(LOG_DEBUG, "获取管控帐号:%s",pUsername);
- /// simplog.writeLog(SIMPLOG_DEBUG, "Welcome: %s", pUsername);
- if (retval != PAM_SUCCESS)
- {
- pam_error(pamh, "获取sec管控帐号失败");
- return retval;
- }
- retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pPassword, prompt);
- // retval = pam_get_authtok(pamh, PAM_OLDAUTHTOK, &pPassword, prompt); /////// ok !
- // retval = pam_get_authtok_noverify(pamh, &pPassword, prompt);
- if(retval != PAM_SUCCESS)
- {
- pam_info(pamh, "获取sec认证密码失败");
- return retval;
- }
- char cmd[1024];
- char errMsg[512];
- sprintf(cmd, "export DISPLAY=:0.0;%s %s %s %s", "LoginAgent", H_ToKen, pUsername, pPassword);
- memset(errMsg, 0, 512);
- //pam_info(pamh, "cmd: %s", cmd);
- if(0 != runLoginAgent(pamh, cmd, errMsg, 512))
- {
- pam_error(pamh, "sec 认证失败:%s", errMsg);
- return PAM_AUTH_ERR; }
- else
- {
- pam_info(pamh, "sec 认证: 成功!");
- }
- int *pret = (int *)malloc(sizeof(int));
- *pret = PAM_SUCCESS;
- pam_set_data(pamh, "sample_setcred_return", (void *)pret, sample_pam_free);
- #endif
- return PAM_SUCCESS; /// 允许登录
- }
复制代码 |
|